How to integrate WSO2 API Manager (AM) 1.10.0 with PingFederate SAML 2.0?
How to integrate WSO2 am 1.10.0 with PingFederate SAML 2.0? Any instructions?
From the WSO2 website, I've only seen the docs on how to set up SSO among WSO2 products: https://docs.wso2.com/display/AM1100/Configuring+Single+Sign-on+with+SAML2 . But I haven't seen any documentation on how to enable WSO2 AM 1.10.0 with external identity providers like PingFederate via SAML2.
Any help is appreciated.
*** UPDATE:
I followed the instructions here https://docs.wso2.com/display/AM1100/Configuring+Single+Sign-on+with+SAML2 - just assuming WSO2 IS is a PingIdentity. For the mojority part, it works, but I cannot generate keys when I subscribe to the API. It says "invalid credentials" even though I have signed up with apps and subscriptions and can build apps from / store the UI.
source to share
I can confirm that this can be done without adding a separate wso2 IS server to the image. I have fixed several problems (cannot generate keys, cannot publish API, etc.): What I did to fix the problem: 1) add admin user inside ApiKeyValidaor in api-manager.xml also in user admin through management console and to the user mgt.xml; 2) Inside api-manager.xml:
Change the following:
https: // $ {carbon.local.ip}: $ {mgt.transport.https.port} $ {carbon.context} / services /
to: https: // [FQDN_OF_HOST }: $ {mgt.transport.https.port} $ {carbon.context} / services /
The reason is that only the domain name is written in my server certificate, not the ip address.
The solution was also mentioned here: wso2 am 1.10.0 API Store: "An error occurred while executing the generateApplicationKey action" with "Invalid credentials.
source to share
Basically, you can do this by adding PingFederate as an IDP to WSO2 AM and configuring federated SAML SSO configurations. An example of how to achieve this with Shibboleth is given in [1]. You can follow the same steps as any configurations as per your requirement.
Refer to [2] for configuring a federated SAML SSO authenticator in general
[2] https://docs.wso2.com/display/IS510/Configuring+SAML+2.0+Web+SSO
source to share